If you don’t know what you’re doing, Amazon’s Elastic Container Registry (ECR) can end up just becoming one more weak link in an already compromised software supply chain.
This ECR Security Essentials course by AppSecEngineer exists to make your journey into AWS cloud that much easier. Learn how to use all the tools at your disposal to configure, scan, and secure your container registries against outside threats.
Amazon Elastic Container Registry (ECR) is a cornerstone service that allows you to completely manage container images within AWS. But container registries also happen to be a major threat vector that attackers can exploit. By gaining access to your container registry, attackers can launch widespread supply-chain attacks against your infrastructure and compromise your container images.
This course is a deep-dive into specific security features of ECR that help you prevent, detect, and correct security weaknesses in your container images within AWS. We start off with an overview of Container Registry and various features of Amazon ECR. We explore AWS Identity and Access Management (IAM) and how it fits in with the functions of ECR. Next, we use hands-on labs to learn how to scan container images for vulnerabilities and pinpoint security flaws. We also look at tag immutability for ECR.
For our final lesson, we’ll be learning to monitor security events. Get some hands-on practice setting up and using CloudTrail-Athena for security monitoring of Amazon ECR.
Make Amazon ECR a powerful link in the larger software supply chain of your organization.
Map your container registries with other key elements of your AWS cloud environment.
Incorporate container supply chain security into your security activities at every step of deployment.
Deep dive into Amazon ECR
AWS IAM & ECR: identity, policies & more
Scanning container images and monitoring security events in ECR
Crafted on Real-world training for product security teams
Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.
Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.
Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.
Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.
Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial.
For an optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.